api: added allow ability to limit what IPs can access api using a static configured auth token.

author: elijah <elijah@riseup.net> 2016-03-28 15:55:19 -0700
committer: elijah <elijah@riseup.net> 2016-03-28 16:03:54 -0700
commit: e072ac2fa8bc93ed782df1ff95130f4794f9640f (patch)
tree: 986c2cfd607af3f6c0e9c34f62d82de07ff0f3f6 /test/support/auth_test_helper.rb
parent: 67b5aa4198e0f6ab2cd29767aedcb4bf5b5dc4d9 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/test/support/auth_test_helper.rb b/test/support/auth_test_helper.rb
index 7af3341..acc6076 100644
--- a/test/support/auth_test_helper.rb
+++ b/test/support/auth_test_helper.rb
@@ -29,6 +29,21 @@ module AuthTestHelper
     @token.expects(:destroy) if @token
   end
 
+  # authenticate as the api monitor
+  def monitor_auth(&block)
+    token_auth(APP_CONFIG['api_tokens']['monitor'], &block)
+  end
+
+  # authenticate with a token
+  def token_auth(token_str)
+    original = request.env['HTTP_AUTHORIZATION']
+    request.env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Token.encode_credentials(token_str)
+    if block_given?
+      yield
+      request.env['HTTP_AUTHORIZATION'] = original
+    end
+  end
+
   protected
 
   def header_for_token_auth
author	elijah <elijah@riseup.net>	2016-03-28 15:55:19 -0700
committer	elijah <elijah@riseup.net>	2016-03-28 16:03:54 -0700
commit	e072ac2fa8bc93ed782df1ff95130f4794f9640f (patch)
tree	986c2cfd607af3f6c0e9c34f62d82de07ff0f3f6 /test/support/auth_test_helper.rb
parent	67b5aa4198e0f6ab2cd29767aedcb4bf5b5dc4d9 (diff)